Chapter 23 Demo Release


Mike
Site Admin
Posts: 465
Joined: Sat Oct 20, 2007 7:58 pm
Chapter 23 Demo Release

Post by Mike » Sun Oct 31, 2010 2:41 am

Hello everyone,

Chapter 23 of the OSDev Series has been updated with some additional content and a demo release. I apologize for the delay. In the next chapter we will be modifying and expanding on the demo provided in this chapter as we add support for user mode <-> kernel mode single tasking in Chapter 24.
Lead Programmer for BrokenThorn Entertainment, Co.
Website: http://www.brokenthorn.com
Email: webmaster@brokenthorn.com

pathos
Moderator
Posts: 97
Joined: Thu Jan 10, 2008 6:43 pm
Location: USA

Re: Chapter 23 Demo Release

Post by pathos » Sun Oct 31, 2010 11:11 pm

Hooray! Thanks!!

HeinanXP
Posts: 19
Joined: Sun Jul 11, 2010 1:12 pm

Re: Chapter 23 Demo Release

Post by HeinanXP » Mon Nov 01, 2010 2:17 pm

The real question is, when will the update for Chapter 22 be released?

Mike
Site Admin
Posts: 465
Joined: Sat Oct 20, 2007 7:58 pm

Re: Chapter 23 Demo Release

Post by Mike » Tue Nov 02, 2010 5:33 am

Hello,

The updates for Chapter 22 (and actually Chapter 23) should be out this weekend. The updates are the same as with the previous demo updates; however, they do take a bit of time to complete.
Lead Programmer for BrokenThorn Entertainment, Co.
Website: http://www.brokenthorn.com
Email: webmaster@brokenthorn.com

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Tue Nov 02, 2010 12:09 pm

Hi Mike,

About chapter 23:
The user command causes a page fault.
I'm trying to discover the reason...

Thanks
_____________
Think it, build it, bit by bit...

Mike
Site Admin
Posts: 465
Joined: Sat Oct 20, 2007 7:58 pm

Re: Chapter 23 Demo Release

Post by Mike » Wed Nov 03, 2010 12:31 am

Hello,

Chapter 23 was based off of the Chapter 22 demo, both of which are in need of the bug fix update. Because these are the last two chapters in need of this update at this time, they should be updated this weekend. I suspect this might be the cause of the page fault, which appears in certain emulators (not all).
Lead Programmer for BrokenThorn Entertainment, Co.
Website: http://www.brokenthorn.com
Email: webmaster@brokenthorn.com

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Wed Nov 03, 2010 8:14 am

...before diving into the code there is a doubt.
At the moment of TSS registration... shouldn't it be sizeof(tss_entry)-1 instead of base+sizeof(tss_entry)? (...at transfers, the system will pick up that struct and fill the entire CPU context?)
_____________
Think it, build it, bit by bit...

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Fri Nov 05, 2010 9:21 pm

Was my last question that bad?

Anyway... it crashes here (iret instruction):
(go-to-user-land procedure)

Code:

(0) [0x00101378] 0008:00000000c0001378 (unk. ctxt): cli                       ; fa
(0) [0x00101379] 0008:00000000c0001379 (unk. ctxt): mov ax, 0x0023            ; 66b82300
(0) [0x0010137d] 0008:00000000c000137d (unk. ctxt): mov ds, ax                ; 668ed8
(0) [0x00101380] 0008:00000000c0001380 (unk. ctxt): mov es, ax                ; 668ec0
(0) [0x00101383] 0008:00000000c0001383 (unk. ctxt): mov fs, ax                ; 668ee0
(0) [0x00101386] 0008:00000000c0001386 (unk. ctxt): mov gs, ax                ; 668ee8
(0) [0x00101389] 0008:00000000c0001389 (unk. ctxt): push 0x00000023           ; 6a23
(0) [0x0010138b] 0008:00000000c000138b (unk. ctxt): push esp                  ; 54
(0) [0x0010138c] 0008:00000000c000138c (unk. ctxt): pushfd                    ; 9c
(0) [0x0010138d] 0008:00000000c000138d (unk. ctxt): pop eax                   ; 58
(0) [0x0010138e] 0008:00000000c000138e (unk. ctxt): or eax, 0x00000200        ; 0d00020000
(0) [0x00101393] 0008:00000000c0001393 (unk. ctxt): push eax                  ; 50
(0) [0x00101394] 0008:00000000c0001394 (unk. ctxt): push 0x0000001b           ; 6a1b
(0) [0x00101396] 0008:00000000c0001396 (unk. ctxt): lea eax, dword ptr ds:0xc000139e ; 8d059e1300c0
(0) [0x0010139c] 0008:00000000c000139c (unk. ctxt): push eax                  ; 50
(0) [0x0010139d] 0008:00000000c000139d (unk. ctxt): iretd                     ; cf
Register context (before iret)

Code:

rax: 0x00000000:c000139e rcx: 0x00000000:00008f1c
rdx: 0x00000000:c0008bc0 rbx: 0x00000000:00000001
rsp: 0x00000000:00008f00 rbp: 0x00000000:00008f14
rsi: 0x00000000:00008fd4 rdi: 0x00000000:00000090
r8 : 0x00000000:00000000 r9 : 0x00000000:00000000
r10: 0x00000000:00000000 r11: 0x00000000:00000000
r12: 0x00000000:00000000 r13: 0x00000000:00000000
r14: 0x00000000:00000000 r15: 0x00000000:00000000
rip: 0x00000000:c000139d
eflags 0x00000002: id vip vif ac vm rf nt IOPL=0 of df if tf sf zf af pf cf
Segment context (before iret)

Code:

es:0x0023, dh=0x00cff300, dl=0x0000ffff, valid=1		Data segment, base=0x00000000, limit=0xffffffff, Read/Write, Accessed
cs:0x0008, dh=0x00cf9b00, dl=0x0000ffff, valid=1		Code segment, base=0x00000000, limit=0xffffffff, Execute/Read, Accessed, 32-bit
ss:0x0010, dh=0x00cf9300, dl=0x0000ffff, valid=7		Data segment, base=0x00000000, limit=0xffffffff, Read/Write, Accessed
ds:0x0023, dh=0x00cff300, dl=0x0000ffff, valid=1		Data segment, base=0x00000000, limit=0xffffffff, Read/Write, Accessed
fs:0x0023, dh=0x00cff300, dl=0x0000ffff, valid=1		Data segment, base=0x00000000, limit=0xffffffff, Read/Write, Accessed
gs:0x0023, dh=0x00cff300, dl=0x0000ffff, valid=1		Data segment, base=0x00000000, limit=0xffffffff, Read/Write, Accessed
ldtr:0x0000, dh=0x00008200, dl=0x0000ffff, valid=1		
tr:0x002b, dh=0xc000eb00, dl=0x95d89640, valid=1
gdtr:base=0x00000000c0008d6e, limit=0x2f
idtr:base=0x00000000c0008da4, limit=0x7ff

Code:

.show gdt
   Idx  BaseHI  BaseLO  BaseMid Flags   Grand   Limit
   0    0       0       0       0       0       0
   1    0       0       0       9B      CF      FFFF
   2    0       0       0       92      CF      FFFF
   3    0       0       0       FA      CF      FFFF
   4    0       0       0       F2      CF      FFFF
   5    C0      95D8    0       EB      0       9640

.show idt index
  Enter the IDT index > 128
  Idx   BaseHI  BaseLO  Flag    Reserved        Sel
   128  C000    2330    EE      0               8

Any clue?
_____________
Think it, build it, bit by bit...
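Decoding the tr descriptor in the dump above with the standard 32-bit GDT layout shows what the sizeof(tss_entry)-1 question is getting at: dh=0xc000eb00, dl=0x95d89640 gives base 0xC00095D8, access 0xEB (present, DPL 3, busy 32-bit TSS) and a limit of 0x9640, which is exactly the low 16 bits of base + 0x68, not the 0x67 a 104-byte TSS should carry. The C below is an added example written for this thread, not BrokenThorn code; it assumes tss_entry is the 104-byte 32-bit TSS and that the demo's GDT installer keeps only the low 20 bits of whatever limit it is handed.

```c
#include <stdint.h>
#include <stdio.h>

/* One decoded GDT entry, following the Intel segment descriptor layout.
 * This is example code for the thread, not the demo's own structures. */
typedef struct {
    uint32_t base;    /* linear base address */
    uint32_t limit;   /* limit in bytes (expanded if G=1) */
    uint8_t  access;  /* P, DPL, S, type */
    uint8_t  flags;   /* G, D/B, L, AVL nibble */
} gdt_desc_t;

/* Decode a descriptor from the two dwords Bochs prints as dh (high) and dl (low). */
gdt_desc_t gdt_decode(uint32_t dh, uint32_t dl)
{
    gdt_desc_t d;
    d.limit  = (dl & 0xFFFFu) | (((dh >> 16) & 0x0Fu) << 16);
    d.base   = (dl >> 16) | ((dh & 0xFFu) << 16) | (dh & 0xFF000000u);
    d.access = (uint8_t)((dh >> 8) & 0xFFu);
    d.flags  = (uint8_t)((dh >> 20) & 0x0Fu);
    if (d.flags & 0x8u)                    /* G=1: limit counts 4 KiB pages */
        d.limit = (d.limit << 12) | 0xFFFu;
    return d;
}

/* Encode a descriptor the same way; only the low 20 bits of limit survive. */
void gdt_encode(uint32_t base, uint32_t limit, uint8_t access, uint8_t flags,
                uint32_t *dh, uint32_t *dl)
{
    *dl = ((base & 0xFFFFu) << 16) | (limit & 0xFFFFu);
    *dh = (base & 0xFF000000u) | ((uint32_t)(flags & 0x0Fu) << 20) |
          (((limit >> 16) & 0x0Fu) << 16) | ((uint32_t)access << 8) |
          ((base >> 16) & 0xFFu);
}

/* A 32-bit TSS is 104 (0x68) bytes. Its descriptor limit must be at least
 * 0x67 or LTR raises #TS, and the correct value is size-1, not base+size.
 * Assumption: the demo's tss_entry is this standard 104-byte structure. */
#define TSS_SIZE 0x68u

int tss_limit_ok(uint32_t limit) { return limit == TSS_SIZE - 1; }

/* The limit you end up with when base+sizeof(tss) is passed where a 20-bit
 * limit is expected: everything above bit 19 is dropped during encoding. */
uint32_t limit_from_base_plus_size(uint32_t base) { return (base + TSS_SIZE) & 0xFFFFFu; }

int main(void)
{
    /* tr from the Bochs dump in the thread: dh=0xc000eb00, dl=0x95d89640 */
    gdt_desc_t tr = gdt_decode(0xc000eb00u, 0x95d89640u);
    printf("TSS base=%08x limit=%05x access=%02x -> %s\n",
           (unsigned)tr.base, (unsigned)tr.limit, (unsigned)tr.access,
           tss_limit_ok(tr.limit) ? "ok" : "WRONG (expected 0x67)");
    printf("base + sizeof(tss) encoded as limit gives %05x\n",
           (unsigned)limit_from_base_plus_size(tr.base));

    uint32_t dh, dl;
    gdt_encode(tr.base, TSS_SIZE - 1, tr.access, 0, &dh, &dl);
    printf("corrected descriptor: dh=%08x dl=%08x\n", (unsigned)dh, (unsigned)dl);
    return 0;
}
```

An oversized limit does not fault by itself (LTR only checks for at least 0x67), which is why the demo still reaches user mode; but the limit also tells the CPU how far the I/O permission bitmap region extends, so a wrong value is worth fixing rather than ignoring.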

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Sat Nov 06, 2010 5:14 pm

Code:

a) [0x001022bf] 0008:00000000c00022bf (unk. ctxt): push 0x0000001b           ; 6a1b
b) [0x001022c1] 0008:00000000c00022c1 (unk. ctxt): lea eax, dword ptr ds:0xc00022c9 ; 8d05c92200c0
c) [0x001022c7] 0008:00000000c00022c7 (unk. ctxt): push eax                  ; 50
d) [0x001022c8] 0008:00000000c00022c8 (unk. ctxt): iretd                     ; cf
e) [0x001022c9] 001b:00000000c00022c9 (unk. ctxt): add esp, 0x00000004       ; 83c404
f) [0x00100690] 0008:00000000c0000690 (unk. ctxt): push ebp                  ; 55 ----------------------------------------------------CS:8 (error handler)
I notice that it really goes to the user environment (as you can see at line e)...
(CS gets 1B and EIP gets the effective address of label a)

... But any instruction found there invokes the page fault error.
_____________
Think it, build it, bit by bit...

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Sun Nov 07, 2010 12:20 pm

I believe I found what I think is the problem.
Since "_mmngr_used_blocks" and "_mmngr_max_blocks" are pointing to the same value, it never reaches the code that sets the page flag property (I86_PTE_USER)!

More, I think that pmmngr_init should appear before vmmngr_initialize to set values to the variables used in vmmngr_initialize...

That is the problem with the "user land" page fault... Let's remember that pages for the kernel remain mapped "kernel mode access only" (from the loader) (or 3)...

(Cracking the system: I changed the loader to OR with 7d and all works perfectly... but of course that isn't the correct solution, since the kernel should run in a protected environment.)

Let me know, please....
_____________
Think it, build it, bit by bit...

Mike
Site Admin
Posts: 465
Joined: Sat Oct 20, 2007 7:58 pm

Re: Chapter 23 Demo Release

Post by Mike » Sun Nov 07, 2010 4:51 pm

Hello,
Insightsoft wrote: More, I think that pmmngr_init should appear before vmmngr_initialize to set values to the variables used in vmmngr_initialize...
The above is related to the bug fix update mentioned earlier. The bug fix involves some additions to the vmmngr and the above change (pmmngr_init should be first), which should resolve the portability issues.

An easy way to apply the update is to copy an updated demo's vmmngr.cpp/h over this demo's vmmngr.cpp/h and then apply the above change, moving the vmmngr_init call to right after initializing the pmm. I do not believe there are additional changes needed for this patch.
Insightsoft wrote: That is the problem with the "user land" page fault... Let's remember that pages for the kernel remain mapped "kernel mode access only" (from the loader) (or 3).
This is the usual case, yes. However, this demo sets the I86_PTE_USER bit for kernel pages, allowing user mode software access to them, for simplicity. This allows the user mode software to call kernel functions in this demo without needing to go through the system API. The vulnerability of the above is discussed in the chapter and can be rectified once a loader is in place (next chapter).

This also means that, after applying the above patch, you will need to update vmmngr.cpp to set the I86_PTE_USER bits for the page directory and page tables.
Lead Programmer for BrokenThorn Entertainment, Co.
Website: http://www.brokenthorn.com
Email: webmaster@brokenthorn.com
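To see why a CPL 3 fetch at 0xC00022C9 faults while the kernel's pages carry flags 3 and stops faulting with 7, and what error code the CPU reports (the value Mike suggests reading off VPC), here is a small page-walk model. It is an added example for this thread, not code from the demo: the flag names, the three-frame "physical memory" and the user region at 0x40000000 are this example's own constructions; only the 0xC0000000 kernel region, the 3/7 flag values and the faulting address come from the posts above.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag bits shared by PDEs and PTEs (same bit positions as the demo's
 * I86_PTE_PRESENT / I86_PTE_WRITABLE / I86_PTE_USER; these names are this example's own). */
#define PG_PRESENT  0x1u
#define PG_WRITABLE 0x2u
#define PG_USER     0x4u

/* Bits of the error code the CPU pushes on #PF. */
#define PF_PROT  0x1u   /* 1 = page present, protection violation; 0 = not present */
#define PF_WRITE 0x2u
#define PF_USER  0x4u   /* access came from CPL 3 */

/* A constructed "physical memory" of 4 KiB frames that hold page tables.
 * A PDE/PTE holds (frame number << 12) | flags, as on real hardware. */
#define NFRAMES 3
typedef struct { uint32_t entries[1024]; } page_table_t;
static page_table_t g_frames[NFRAMES];

/* Walk one 32-bit non-PAE mapping rooted at frame pd_frame and decide whether the
 * access is allowed. Returns 1 if allowed, else 0 with *err set to the #PF error code.
 * cr0_wp models CR0.WP: when clear, supervisor writes ignore the R/W bit. */
int page_walk(uint32_t pd_frame, uint32_t va, int user, int write, int cr0_wp, uint32_t *err)
{
    uint32_t base_err = (user ? PF_USER : 0u) | (write ? PF_WRITE : 0u);
    uint32_t pde = g_frames[pd_frame].entries[va >> 22];
    if (!(pde & PG_PRESENT) || (pde >> 12) >= NFRAMES) { *err = base_err; return 0; }
    uint32_t pte = g_frames[pde >> 12].entries[(va >> 12) & 0x3FFu];
    if (!(pte & PG_PRESENT)) { *err = base_err; return 0; }

    /* Effective rights are the AND of the PDE and PTE bits. */
    uint32_t eff = pde & pte & (PG_USER | PG_WRITABLE);
    if (user && !(eff & PG_USER)) { *err = base_err | PF_PROT; return 0; }
    if (write && !(eff & PG_WRITABLE) && (user || cr0_wp)) { *err = base_err | PF_PROT; return 0; }
    *err = 0;
    return 1;
}

/* Constructed scenario from the thread: the kernel region at 0xC0000000 mapped
 * through frame 1 with kernel_flags (3 = present|writable as the loader leaves it,
 * 7 = with I86_PTE_USER added), plus a separate user region at 0x40000000 mapped
 * through frame 2 with flags 7. Returns the #PF error code the access would
 * produce, or 0 if it is allowed. */
uint32_t access_error(uint32_t kernel_flags, uint32_t va, int user, int write, int cr0_wp)
{
    for (int i = 0; i < 1024; i++) {
        g_frames[0].entries[i] = 0;                                                  /* page directory */
        g_frames[1].entries[i] = ((uint32_t)(0x100 + i) << 12) | kernel_flags;      /* kernel page table */
        g_frames[2].entries[i] = ((uint32_t)(0x500 + i) << 12) | (PG_PRESENT | PG_WRITABLE | PG_USER);
    }
    g_frames[0].entries[0xC0000000u >> 22] = (1u << 12) | kernel_flags;
    g_frames[0].entries[0x40000000u >> 22] = (2u << 12) | (PG_PRESENT | PG_WRITABLE | PG_USER);
    uint32_t err;
    return page_walk(0, va, user, write, cr0_wp, &err) ? 0 : err;
}

/* The case in the thread: a CPL 3 code fetch at 0xC00022C9 right after the iretd. */
uint32_t cpl3_fetch_error(uint32_t kernel_flags, uint32_t va)
{
    return access_error(kernel_flags, va, 1, 0, 0);
}

int main(void)
{
    printf("kernel flags 3, CPL3 fetch 0xC00022C9: #PF error code 0x%x\n", (unsigned)cpl3_fetch_error(3, 0xC00022C9u));
    printf("kernel flags 7, CPL3 fetch 0xC00022C9: #PF error code 0x%x\n", (unsigned)cpl3_fetch_error(7, 0xC00022C9u));
    printf("kernel flags 3, CPL3 fetch 0x40001000: #PF error code 0x%x\n", (unsigned)cpl3_fetch_error(3, 0x40001000u));
    return 0;
}
```

The effective permission is the AND of the PDE and PTE bits, so setting I86_PTE_USER in the page table alone is not enough; the directory entry needs it as well, which is the point of Mike's last sentence. The separate user region in access_error() shows the arrangement the next chapter's loader makes possible: user pages marked user, kernel pages left supervisor-only, so a user-mode caller gets error code 5 (present, user, fetch) instead of a direct path into kernel functions.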

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Thu Nov 11, 2010 5:23 am

Thanks Mike,

I remember a few months ago (maybe last year) you were talking about making some changes to some demos to also cover Microsoft Virtual PC...
Where can I get specifications about, for example, Bochs and MSVPC?
(For me, when something runs in A and doesn't in B, I'm really in trouble!)

About chapter 23: it runs in Bochs but doesn't run in MSVPC... I'm stuck! (I wish I were able to fix this kind of problem.)
_____________
Think it, build it, bit by bit...

Mike
Site Admin
Posts: 465
Joined: Sat Oct 20, 2007 7:58 pm

Re: Chapter 23 Demo Release

Post by Mike » Thu Nov 11, 2010 9:29 pm

Hello,
Insightsoft wrote: Where can I get specifications about, for example, Bochs and MSVPC?
The source code of Bochs can be obtained online, as well as documentation. VirtualPC, however, does not provide technical information (disregarding the processor fault code). This is due to VPC not being an emulator.
Insightsoft wrote: About chapter 23. It runs in Bochs but doesn't run in MSVPC
Please note that the demo provided has been tested in VPC and Bochs. If it fails in VPC, there are a couple of steps that can be taken to find the problem:

- In goto_user(), comment out the int 0x80 call and test. If it works, the system API is probably at fault;
- If it still fails, it might be crashing on entry to user mode. This can be a #PF or #GPF. The exception code provided by VPC will help in determining the cause.
Insightsoft wrote: At the moment of TSS registration... shouldn't it be sizeof(tss_entry)-1 instead of base+sizeof(tss_entry)?
You are correct there; that looks like an error. This demo and Chapter 22's demo are planned for the memory management update this weekend, so this error should be corrected by then.
Lead Programmer for BrokenThorn Entertainment, Co.
Website: http://www.brokenthorn.com
Email: webmaster@brokenthorn.com

HeinanXP
Posts: 19
Joined: Sun Jul 11, 2010 1:12 pm

Re: Chapter 23 Demo Release

Post by HeinanXP » Thu Nov 25, 2010 7:23 pm

What about the Chapter 22 Demo Update?

Insightsoft
Posts: 63
Joined: Wed Jul 22, 2009 6:44 am

Re: Chapter 23 Demo Release

Post by Insightsoft » Fri Nov 26, 2010 2:40 pm

Hi...

Mike,

...the loader crashes at:

Code:

mov    	ebx, 0												; 0x0000
mov		ebp, IMAGE_RMODE_BASE							; 0x3000
mov 	esi, ImageName										; File to load
call	LoadFile												; load our file
	|
	|
...
.LOAD_IMAGE:											; load the cluster
	mov		ax, WORD [cluster]							; cluster to read
	pop		es											; bx:bp=es:bx
	pop		bx
	call		ClusterLBA
	xor		cx, cx
	mov		cl, BYTE [bpbSectorsPerCluster]
	call		ReadSectors (crash here)
	|
	|	
	call    LBACHS                              ; convert starting sector to CHS
	mov     ah, 0x02                            ; BIOS read sector
	mov     al, 0x01                            ; read one sector
	mov     ch, BYTE [absoluteTrack]            ; track
	mov     cl, BYTE [absoluteSector]           ; sector
	mov     dh, BYTE [absoluteHead]             ; head
	mov     dl, BYTE [bsDriveNumber]            ; drive
	int     0x13                                ; invoke BIOS ----------------------------------------------- (crash here)

Q: When?
A: When the ECX > 103 (in LoadFile)

Code:

...
pop		ecx
inc		ecx
...

If ecx > 103 then, at "call ReadSectors", inside "int 0x13", it crashes...
Here are the register values before the int 13:

Code:

ah=02	service
al=01	number of sectors to read
ch=0a	track or cylinder
cl=05	sector id to read
dh=01	head
dl=00	a:

ES:BX		0000:FE00
The result in Bochs is:

Code:

00022741396i[FDD  ] controller reset in software
00022746580i[CPU0 ] BOUND_GdMa: fails bounds test
00022746582i[CPU0 ] BOUND_GdMa: fails bounds test
00022746584i[CPU0 ] BOUND_GdMa: fails bounds test
00022746586i[CPU0 ] BOUND_GdMa: fails bounds test
00022746588i[CPU0 ] BOUND_GdMa: fails bounds test
00022746590i[CPU0 ] BOUND_GdMa: fails bounds test
00022746592i[CPU0 ] BOUND_GdMa: fails bounds test
keeps running...
It seems to me that the problem is our buffer (0000:FE00).
_____________
Think it, build it, bit by bit...
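Replaying LoadFile's buffer arithmetic makes the 103 visible. The C below is an added example for this thread, not BrokenThorn's loader: IMAGE_RMODE_BASE = 0x3000, ES = 0 and 512-byte sectors come from the post above, while the stack location is an assumption (a real-mode stack at 0000:FFFF growing down, with 512 bytes reserved for it here). The check also flags the two other classic real-mode buffer faults: BX wrapping past 0xFFFF (the next write would land on the interrupt vector table at 0000:0000) and a transfer crossing a 64 KiB physical boundary, which the floppy DMA controller cannot do and the BIOS reports as AH=09h.

```c
#include <stdint.h>
#include <stdio.h>

#define SECTOR_SIZE 512u

/* Problems a real-mode ES:BX read buffer can have (bit flags). */
#define BUF_SEG_WRAP   0x1u  /* bx + len exceeds 0xFFFF: offset wraps inside the segment */
#define BUF_DMA_64K    0x2u  /* transfer crosses a 64 KiB physical boundary (floppy DMA limit) */
#define BUF_HITS_STACK 0x4u  /* transfer overlaps the region the stack lives in */

/* Linear address of a real-mode far pointer. */
uint32_t rm_linear(uint16_t seg, uint16_t off) { return ((uint32_t)seg << 4) + off; }

/* Buffer offset after n sectors have been appended starting at base
 * (the loader adds 512 to BX per sector and keeps ES fixed). */
uint32_t sector_buffer_offset(uint32_t base, uint32_t n) { return base + n * SECTOR_SIZE; }

/* Check a read of `bytes` bytes into es:bx. The stack is assumed to occupy the
 * linear range [stack_lo, stack_top]; pass stack_lo > stack_top to disable that check. */
unsigned rm_buffer_check(uint16_t es, uint16_t bx, uint32_t bytes,
                         uint32_t stack_lo, uint32_t stack_top)
{
    unsigned problems = 0;
    uint32_t end_off = (uint32_t)bx + bytes - 1;
    if (end_off > 0xFFFFu) problems |= BUF_SEG_WRAP;
    uint32_t start = rm_linear(es, bx);
    uint32_t end   = start + bytes - 1;
    if ((start >> 16) != (end >> 16)) problems |= BUF_DMA_64K;
    if (start <= stack_top && end >= stack_lo) problems |= BUF_HITS_STACK;
    return problems;
}

/* Replay the loader's loop: how many sectors load cleanly before the buffer
 * for the next one is unsafe? Returns that (0-based) sector index. */
uint32_t first_bad_sector(uint32_t base, uint16_t es, uint32_t stack_lo, uint32_t stack_top)
{
    for (uint32_t n = 0; ; n++) {
        uint32_t off = sector_buffer_offset(base, n);
        if (off > 0xFFFFu) return n;   /* BX cannot hold it: it wraps to 0, the IVT */
        if (rm_buffer_check(es, (uint16_t)off, SECTOR_SIZE, stack_lo, stack_top)) return n;
    }
}

int main(void)
{
    /* Constructed replay of LoadFile: image base 0x3000 (IMAGE_RMODE_BASE), ES=0,
     * stack assumed at 0000:FE00..0000:FFFF (512 bytes below sp=0xFFFF). */
    uint32_t n = first_bad_sector(0x3000u, 0x0000, 0xFE00u, 0xFFFFu);
    uint32_t off = sector_buffer_offset(0x3000u, n);
    printf("%u sectors load cleanly; sector %u lands at 0000:%04X (problems 0x%x)\n",
           (unsigned)n, (unsigned)n + 1, (unsigned)off,
           rm_buffer_check(0, (uint16_t)off, SECTOR_SIZE, 0xFE00u, 0xFFFFu));
    return 0;
}
```

After 103 sectors the buffer sits at 0000:FE00, so the 104th read overlaps whatever is parked just below 0xFFFF; if the stack is there, the BIOS returns through a return address it has just overwritten with file data, which matches a crash "inside int 0x13" rather than a read error. One sector later BX would wrap to 0 and clobber the IVT. Either way the remedy is the same: load the image into a segment with room for the whole file, or advance ES rather than BX as sectors are appended.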
